Researchers at the University of Minnesota’s College of Science and Engineering have revealed a technique that could allow an unauthorized third-party to track the location of a cell phone using data available from cellular networks.
The vulnerability and technique for tracking was discussed in a paper titled “Location Leaks on the GSM Air Interface” presented at the 19th Annual Network & Distributed System Security Symposium.
“Cell phone towers have to track cell phone subscribers to provide service efficiently. For example, an incoming voice call requires the network to locate that device so it can allocate the appropriate resources to handle the call. Your cell phone network has to at least loosely track your phone within large regions in order to make it easy to find it,” researcher and PhD student Foo Kune said.
"The result is that the tower will broadcast a page to your phone, waiting for your phone to respond when you get a call, Foo Kune said. This communication is not unlike a CB radio. Further, it is possible for a hacker to force those messages to go out and hang up before the victim is able to hear their phone ring," a University of Minnesota press release explained.
The researchers warned that the information has the potential to be accessed by hackers or other third-parties with relatively inexpensive off the shelf hardware and know-how to access the Global System for Mobile Communications (GSM) network.
“It has a low entry barrier. Being attainable through open source projects running on commodity software,” Foo Kune said.
The researchers demonstrated the ability to track a target to within a ten-block radius in a proof of concept field test. The vulnerability represents a hazard on multiple levels the researchers believe.
“Agents from an oppressive regime may no longer require cooperation from reluctant service providers to determine if dissidents are at a protest location. Another example could be thieves testing if a user’s cell phone is absent from a specific area and therefore deduce the risk level associated with a physical break-in of the victim’s residence,” the researchers asserted.
The research team has indicated they are in contact with several mobile service providers and are working on disclosures for customers as well as a potential mitigation effort.